Privacy Policy

Effective Date: [Insert Date, e.g., 25 May 2024]

Last Updated: [Insert Date]

Please Note: This Privacy Policy is provided as a template. It is essential to have it reviewed by a legal professional qualified in data protection law (specifically GDPR) to ensure it accurately reflects your data processing activities and complies with all legal requirements for Jissicko Software and the ReplicaPixel application.

1. Introduction & Who We Are

Welcome to ReplicaPixel! This Privacy Policy explains how Jissicko Software ("we", "us", "our") collects, uses, shares, and protects your personal information when you use our AI content generation application "ReplicaPixel" (the "Service"), available through our website ([Your Website URL, e.g., https://replicapixel.com ]) and potentially associated applications.

Jissicko Software, located at [Your Company Address, City, Country], is the Data Controller responsible for the processing of your personal data under the General Data Protection Regulation (GDPR).

Our commitment is to protect your privacy and handle your data responsibly and transparently. Our primary goals in processing personal information include:

Providing, operating, and maintaining the ReplicaPixel Service, including AI content generation based on your inputs.
Managing your user account, processing payments (if applicable), and providing customer support.
Improving and personalizing the Service, including enhancing our AI models (often using anonymized or aggregated data).
Ensuring the security and integrity of our Service.
Complying with legal obligations and communicating with you about the Service.

We adhere to GDPR and other relevant regulations to protect your data against unauthorized access, disclosure, alteration, and destruction.

We do not currently have a designated Data Protection Officer (DPO). For any privacy-related questions or requests, please contact us at:
Email: jonathan.louisa@hotmail.com [Or preferably: privacy@jissickosoftware.com]
Phone: +31 645736311 [Consider if providing a phone number is necessary/preferred for privacy contact]

Your privacy is our priority. This commitment extends to our collaboration with third-party services involved in delivering ReplicaPixel.

2. Scope of this Policy

This policy applies to all personal data processed by Jissicko Software in relation to your use of the ReplicaPixel Service, including data collected via our website, the application itself, and communications with us. It covers website visitors, registered users, subscribers, and anyone interacting with the Service.

3. Information We Collect

We collect different types of information depending on how you interact with ReplicaPixel:

3.1. Information You Provide Directly

Account Information: When you register, we collect information such as your name, email address, and password.
Payment Information: If you subscribe to paid features, we (or our third-party payment processor) collect billing details like your name, address, and payment card information. We do not store your full payment card details ourselves.
Input Data: We collect the prompts, text descriptions, images, or other data you provide as input to generate content using ReplicaPixel's AI features (e.g., Lora models).
Communications: If you contact us for support or feedback, we collect the information contained in your communications (e.g., email content, support ticket details).

3.2. Information Collected Automatically

Usage Data: Information about how you interact with the Service, such as features used, content generated, time spent, clicks, settings preferences, and error logs.
Device and Connection Information: Technical data including your IP address, browser type and version, operating system, device identifiers (where applicable), and general location derived from your IP address.
Cookies and Tracking Technologies: We use cookies and similar technologies to operate the Service, understand usage, and for analytics. See Section 9 ("Cookies") for details.

3.3. Generated Output Data

Generated Content: We process and may temporarily store the images, videos, or other content generated by you using the Service.

4. How We Use Your Information & Legal Basis (GDPR)

We process your personal data based on specific legal grounds under GDPR:

To Provide and Manage the Service (Legal Basis: Art. 6(1)(b) GDPR - Performance of Contract):
- Creating and managing your user account.
- Processing your input data to generate requested AI content (images, videos).
- Delivering the generated content to you.
- Processing payments and managing subscriptions.
- Providing customer support and responding to inquiries.
To Improve and Develop the Service (Legal Basis: Art. 6(1)(f) GDPR - Legitimate Interests):
- Analyzing usage patterns to understand user needs and enhance features (Usage Data).
- Improving the performance, accuracy, and safety of our AI models. This may involve analyzing Input Data and Generated Content, typically in an anonymized or aggregated form where feasible. Our legitimate interest is in providing a better, safer, and more effective Service.
- Troubleshooting and debugging issues.
For Security and Compliance (Legal Basis: Art. 6(1)(f) GDPR - Legitimate Interests; Art. 6(1)(c) GDPR - Legal Obligation):
- Protecting the security and integrity of our Service, preventing fraud and abuse (Usage Data, Device Info).
- Complying with applicable laws, regulations, and legal processes.
For Communication & Marketing (Legal Basis: Art. 6(1)(a) GDPR - Consent; Art. 6(1)(f) GDPR - Legitimate Interests):
- Sending important service-related communications (e.g., account updates, security alerts) (Legitimate Interest/Contract).
- Sending promotional communications or newsletters *if* you have opted-in (Consent). You can opt-out at any time.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in the following limited circumstances:

5.1. Third-Party Service Providers (Subprocessors)

We engage trusted third-party companies and individuals to perform services on our behalf (e.g., payment processing, data hosting, analytics, security, customer support, AI infrastructure). These subprocessors only have access to the personal data necessary to perform their tasks and are contractually obligated (via Data Processing Agreements - DPAs where required by GDPR) to protect your data and use it solely for the purposes we specify.

Key categories of subprocessors may include:

Service Name / Category	Provider (Example/Actual)	Purpose(s)	Potential Personal Data Types Processed	Privacy Policy Link / Location
Payment Processing	[e.g., Stripe, Inc.]	Processing subscription payments, fraud prevention.	Name, Email, Billing Address, Payment Method Information (partial, tokenized), Purchase History, IP Address.	[Link to Provider's Privacy Policy]
Cloud Hosting & Infrastructure	[e.g., AWS EMEA SARL, Google Cloud EMEA Ltd.]	Hosting the ReplicaPixel application, storing user data (including inputs/outputs), database management.	Account Info, Usage Data, Input Data, Generated Output, IP Addresses (in logs).	[Link to Provider's Privacy Policy]
AI Model Infrastructure	[e.g., Specific GPU Cloud Provider, if applicable]	Running the AI models for content generation.	Input Data (prompts), potentially Usage Data (for optimisation). Anonymization applied where possible.	[Link to Provider's Privacy Policy]
Analytics	Google Ireland Limited (Google Analytics)	Understanding website/app usage, improving user experience, performance tracking.	IP Address (often anonymized), Device/Browser Information, Interaction Logs (clicks, pages visited, time spent), Approximate Location (IP-based), User ID (if implemented).	https://policies.google.com/privacy
Security / CDN	Cloudflare, Inc.	Website security, performance optimization (CDN), bot protection.	IP Address, Security Logs, Device/Browser Information (for challenges).	https://www.cloudflare.com/privacypolicy/
Advertising / Marketing Pixels (If Used)	Meta Platforms Ireland Ltd. (Meta Pixel)	Tracking ad campaign effectiveness, remarketing (if consent given), website analytics.	IP Address, Device/Browser Information, Interaction Logs (pages visited, actions taken), Email/User ID (if matched via hashing, with consent).	https://www.facebook.com/privacy/explanation
Customer Support Platform	[e.g., Zendesk, Intercom]	Managing support tickets and communications.	Name, Email, Communication History, Account Info (as needed for support).	[Link to Provider's Privacy Policy]

5.2. Legal Requirements

We may disclose your information if required by law, subpoena, or other legal process, or if we have a good faith belief that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

5.3. Business Transfers

In the event of a merger, acquisition, bankruptcy, dissolution, reorganization, or similar transaction or proceeding involving Jissicko Software, your information may be transferred as part of that transaction, subject to standard confidentiality arrangements.

6. International Data Transfers

Your personal information may be transferred to, and processed in, countries other than the country in which you reside. These countries may have data protection laws that are different from the laws of your country (particularly if you are in the EU/EEA).

Specifically, some of our third-party service providers (as listed in Section 5) may be located outside the European Economic Area (EEA), for example, in the United States.

Where we transfer your personal data outside the EEA, we take appropriate safeguards to ensure your data receives an adequate level of protection. This typically includes relying on:

An adequacy decision by the European Commission confirming the country provides adequate protection.
Standard Contractual Clauses (SCCs) approved by the European Commission, implemented between us and the third-party provider.

Our primary servers for the ReplicaPixel application are located in: [Specify Location(s), e.g., "the European Union", "Frankfurt, Germany"].

7. Data Storage and Protection

Data Security Measures:

We implement appropriate technical and organizational security measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include:

Encryption: Using encryption (e.g., TLS/SSL) for data in transit and encryption for sensitive data at rest.
Access Control: Limiting access to personal data to authorized personnel with a legitimate need to know, based on roles and responsibilities.
Security Audits and Monitoring: Regularly reviewing our security practices and monitoring systems for potential vulnerabilities and attacks.
Secure Development Practices: Incorporating security considerations into our software development lifecycle.

However, please note that no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements, and for providing and improving the Service.

To determine the appropriate retention period, we consider:

The amount, nature, and sensitivity of the personal data.
The potential risk of harm from unauthorized use or disclosure.
The purposes for which we process the data and whether we can achieve those purposes through other means.
Applicable legal requirements (e.g., financial record retention periods).

Generally:

Account Information: Retained for as long as your account is active and for a reasonable period thereafter to allow for reactivation or as required by law.
Input Data & Generated Output: May be retained as necessary to provide the service and potentially for model improvement (often anonymized). You may have options within the app to delete specific inputs/outputs. [Clarify user deletion options if available].
Usage Data: Often retained for a specific period (e.g., 12-24 months) for analysis and then aggregated or deleted.
Billing Information: Retained according to legal requirements for financial records.

You can request the deletion of your account and associated personal data subject to the rights outlined in Section 10.

9. Cookies and Tracking Technologies

We use cookies (small text files stored on your device) and similar tracking technologies (like web beacons or pixels) on our website and within the ReplicaPixel application.

Types of Cookies We Use:

Strictly Necessary Cookies: Essential for the operation of the Service (e.g., authentication, security, session management). These cannot be disabled. (Legal Basis: Contract/Legitimate Interest).
Performance and Analytics Cookies: Help us understand how users interact with the Service, measure performance, and identify areas for improvement (e.g., Google Analytics). (Legal Basis: Consent, or Legitimate Interest with safeguards).
Functional Cookies: Enable enhanced functionality and personalization (e.g., remembering preferences). (Legal Basis: Consent).
Advertising and Targeting Cookies: Used by us or third parties (like Meta) to deliver relevant advertising, measure campaign effectiveness, and track users across websites (if applicable). (Legal Basis: Consent).

Your Choices and Consent:

When you first visit our website or use the app where non-essential cookies are used, we will request your consent via a cookie banner or similar mechanism. You can manage your preferences and withdraw consent at any time through our cookie settings tool or your browser settings.

For more detailed information about the specific cookies we use, their purposes, and how to manage them, please see our separate Cookie Policy.

10. Your Data Protection Rights (GDPR)

If you are located in the European Economic Area (EEA) or UK, you have the following rights regarding your personal data:

Right of Access (Article 15 GDPR): To request access to the personal information we hold about you.
Right to Rectification (Article 16 GDPR): To request correction of inaccurate or incomplete data.
Right to Erasure (‘Right to be Forgotten’) (Article 17 GDPR): To request deletion of your personal data under certain conditions.
Right to Restriction of Processing (Article 18 GDPR): To request restriction of processing under certain conditions.
Right to Data Portability (Article 20 GDPR): To receive your data in a machine-readable format and transmit it to another controller.
Right to Object (Article 21 GDPR): To object to processing based on legitimate interests or for direct marketing.
Right to Withdraw Consent (Article 7(3) GDPR): To withdraw consent at any time where processing is based on consent, without affecting prior lawful processing.
Right to Lodge a Complaint (Article 77 GDPR): To lodge a complaint with your local supervisory authority (Data Protection Authority) if you believe our processing infringes GDPR.

Exercising Your Rights:

To exercise these rights, please contact us using the details in Section 1 ("Introduction & Who We Are"). We will respond within the timeframes required by GDPR (typically one month), potentially after verifying your identity.

11. Children's Privacy

The ReplicaPixel Service is not intended for or directed at children under the age of 16 (or a higher age if stipulated by local law). We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.

12. Policy Updates and Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes, we will notify you through the Service (e.g., via a notification within the app or website) or by email, and we will update the "Last Updated" date at the top of this policy.

We encourage you to review this policy periodically to stay informed about how we protect your information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Jissicko Software
[Your Company Address]
[City, Postal Code, Country]
Email: jonathan.louisa@hotmail.com [or privacy@jissickosoftware.com]
Phone: +31 645736311 [Optional]